CVE-2011-3177

EPSS 0.03%
Veröffentlicht 08.09.2017 18:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Yast ≫ Yast2 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.064

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://bugzilla.suse.com/show_bug.cgi?id=713661

Third Party Advisory

Issue Tracking

https://github.com/yast/yast-core/commit/7fe2e3df308b8b6a901cb2cfd60f398df53219de

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2011-3177

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-3177

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-3177

EUVD